sysctl variable definitions

Steve Clark Thu, 26 Jan 2012 07:52:54 -0800

Hi Darren,

Glad your back.


Is there any documentation that describes what the various sysctl setting do in
terms of effecting ipfilter. I have searched but have not been able to turn up
anything definitive.

fr_flags        min 0   max 0xffffffff  current 0
fr_active       min 0   max 0   current 0
fr_control_forwarding   min 0   max 0x1 current 0
fr_update_ipid  min 0   max 0x1 current 0
fr_chksrc       min 0   max 0x1 current 0
fr_minttl       min 0   max 0x1 current 4
fr_icmpminfragmtu       min 0   max 0x1 current 68
fr_pass min 0   max 0xffffffff  current 134217730
fr_tcpidletimeout       min 0x1 max 0x7fffffff  current 86400
fr_tcpclosewait min 0x1 max 0x7fffffff  current 480
fr_tcplastack   min 0x1 max 0x7fffffff  current 60
fr_tcptimeout   min 0x1 max 0x7fffffff  current 480
fr_tcpclosed    min 0x1 max 0x7fffffff  current 60
fr_tcphalfclosed        min 0x1 max 0x7fffffff  current 7200
fr_udptimeout   min 0x1 max 0x7fffffff  current 240
fr_udpacktimeout        min 0x1 max 0x7fffffff  current 24
fr_icmptimeout  min 0x1 max 0x7fffffff  current 120
fr_icmpacktimeout       min 0x1 max 0x7fffffff  current 12
fr_iptimeout    min 0x1 max 0x7fffffff  current 120
fr_statemax     min 0x1 max 0x7fffffff  current 10163
fr_statesize    min 0x1 max 0x7fffffff  current 14983
fr_state_lock   min 0   max 0x1 current 0
fr_state_maxbucket      min 0x1 max 0x7fffffff  current 28
fr_state_maxbucket_reset        min 0   max 0x1 current 1
ipstate_logging min 0   max 0x1 current 1
fr_nat_lock     min 0   max 0x1 current 0
ipf_nattable_sz min 0x1 max 0x7fffffff  current 16889
ipf_nattable_max        min 0x1 max 0x7fffffff  current 50000
ipf_natrules_sz min 0x1 max 0x7fffffff  current 509
ipf_rdrrules_sz min 0x1 max 0x7fffffff  current 509
ipf_hostmap_sz  min 0x1 max 0x7fffffff  current 8087
fr_nat_maxbucket        min 0x1 max 0x7fffffff  current 30
fr_nat_maxbucket_reset  min 0   max 0x1 current 1
nat_logging     min 0   max 0x1 current 1
fr_defnatage    min 0x1 max 0x7fffffff  current 1200
fr_defnatipage  min 0x1 max 0x7fffffff  current 120
fr_defnaticmpage        min 0x1 max 0x7fffffff  current 6
fr_nat_doflush  min 0   max 0x1 current 0
ipf_proxy_debug min 0   max 0xa current 0
ipfr_size       min 0x1 max 0x7fffffff  current 257
fr_ipfrttl      min 0x1 max 0x7fffffff  current 120
ipl_suppress    min 0   max 0x1 current 1
ipl_logmax      min 0   max 0x7fffffff  current 7
ipl_logall      min 0   max 0x1 current 0
ipl_logsize     min 0   max 0x80000     current 8192
ippr_ftp_debug  min 0   max 0xa current 0



--
Stephen Clark
*NetWolves*
Director of Technology
Phone: 813-579-3200
Fax: 813-882-0209
Email: [email protected]
http://www.netwolves.com

sysctl variable definitions

Reply via email to